1. Technical Field
The present invention relates to techniques of obfuscating computer programs to protect the programs from unauthorized analysis and tampering. The present invention also relates to techniques of executing an obfuscated program while protecting the program.
2. Background Art
Various program obfuscation techniques have been disclosed in order to protect programs from unauthorized analysis and tampering.
With the aim of providing obfuscation techniques for enhancing software security, Patent document 1 listed below discloses a method for obfuscating computer code to be executed. The disclosed method includes selecting a subset of code, selecting an obfuscating transformation, and applying the selected transformation to the selected subset of code. The thus transformed code can be weakly equivalent to the untransformed code.
Patent document 2 also listed below discloses the following technique for use in a computer system having a DLL (dynamic link library). According to the disclosed technique, a link with a normal library is executed after authenticating the library, so that forgery of the library is prevented. To this end, a main program running on the computer system is provided with an authentication function that includes a data generation unit. The data generation unit inputs authentication data and key data to a data processing part of the program. The data generation unit also gives the same authentication data and key data to a data processing part that is included in an authentication function of the DLL. A data comparison part included in the program compares the 1st and 2nd sets of processing data obtained from the respective processing parts. When the two sets of processing data are in agreement with each other, the DLL is authenticated as a normal library.
Patent document 3 also listed below discloses the following technique with the aim of providing a system in which programs are efficiency encrypted and decrypted while preventing program tampering. According to the disclosed technique, an initial program IP running an information processing device causes encryption/decryption processing programs Pr1, Pr2, . . . to be transmitted in encrypted form from the information processing device to an IC card on condition that a password matches. The IC card decrypts these programs with a decryption key held by an authentic user and sends them back to the information processing device. The information processing device loads these programs into a work memory area PA to initiate the programs to carry out data encryption/decryption processing. Since these programs are normally in encrypted form, it is ensured that the programs are neither analyzed nor tampered with by a third party. After the authentic user has completed data processing, the programs decrypted into plaintext are erased. Since no programs in plaintext are left unerased after the processing, security of these programs is assured. With the above arrangement, the encryption/decryption processing can be carried out efficiency, because a user needs not to take a storage medium storing these programs out of a deposit place and to set it in the information processing device in each encryption/decryption processing.
Patent document 4 also listed below discloses the following technique with the aim of protecting encrypted data against a malicious attempt to use the data by altering a decryption support program. According to the disclosed technique, a decryption device temporarily suspends CPU operation upon receipt of a decoding request. An address detection part monitors memory access by the CPU and acquires a storage address Pr of an instruction code that has issued the decoding request. An encryption authentication part authenticates an encryption key. A decryption support program authentication part acquires an authentication range designation (pre and post) from the encryption key, calculates a message digest number by applying a one-way hash function to a range of Pr−pre to Pr+post, and compares the calculation result with the message digest number contained in the encryption key to authenticate the correctness of the decryption support program. When this authentication is successful, a data decoding part acquires a decryption key from the encryption key and decrypts the encoded data.
Patent Document 1
JP Patent Application Publication No. 2002-514333
Patent Document 2
JP Patent Application Publication No. 11-110193
Patent Document 3
JP Patent Application Publication No. 9-6232
Patent Document 4
JP Patent Application Publication No. 11-39156